The Downtime Channel is brought to you by ComRent
-
DDoS Attacks on Web Hosts Continue
April 7th, 2009 : Rich MillerOver the past week, there have been a series of electronic attacks on major Internet web hosts and domain service providers. These distributed denial of service (DDoS) attacks have disrupted service for tens of thousands of web sites. Here’s a recap of the recent activity:
- March 30-April 1: Cloud computing provider GoGrid is hit by a “large, distributed DDoS attack,” which disrupts service to about half of its 1,000 customers. ”We’ve been in the hosting business for over 8 years now, and have generally been able to prevent most incidents from impacting customers as heavily as this attack did,” GoGrid said on its blog.
- March 31: A DDoS attack knocks UltraDNS offline for several hours. UltraDNS, which is owned by NeuStar, runs high-availability DNS services for online retailers and companies including Oracle and Juniper. Successful attacks on DNS providers are not unprecedented, but these services are designed to be more resilient than standard provider DNS servers.
- April 2-5: Domain registrar Register.com is hit with a DDoS that causes several days of disruptions for its customers. Register.com is the eighth-largest registrar, managing 2.7 million domains.
- April 6-7: Customers of The Planet are hit by web site outages as a result of a DDoS aimed at the huge hosting company. “We will be updating DNS to mitigate attack risks further, but the attack volume was massive,” The Planet said on its Twitter stream. “Given the volume of the attack, our network operations team rerouted all name server traffic through our DDoS mitigation capabilities.” The Planet hosts more than 48,000 servers.
Coincidence? Conficker? Obviously, there’s no way to know. But a worrisome common thread is that these were all large-scale attacks that disrupted providers who’ve seen plenty of DDoS attacks before.
I think it is very sad when hosting company’s tout their low-cost hosting and never tell their clients of the security risks. Worse, is when they do nothing to prevent these attacks. FireHost.com filters traffic at the HTTP and network level… that’s just the beginning of their very real, very effective security.
I just don’t think its fair to say what you have just cited. ThePlanet and others – have a lot of excellent security gear (CiscoGuard, Arbor, etc.), but when you’re faced with a massive DDoS (sizes are typically above 5-10Gbps easily, it is not as simple as ‘null-routing’ an IP address. FireHost.com – I have no idea about their capacity, but large levels DDoS even bring Tier 1 carrier to their knees. So one can quite confidently argue, that no one provider can stop it all. It take lots of 10G circuits, lot of very expensive DPI devices and mitigation devices to thwart and filter DDoS attacks.
When you’re renting out a camp site on the beach, nothing much you can do when a tsunami hits……..
IRC: #boycottnovell @ FreeNode: April 7th, 2009 | Boycott Novell
Posted April 8th, 2009[...] http://www.datacenterknowledge.com/…; [...]
DDoS Angriffe auf mehrere Webhoster | Netzhappen
Posted April 8th, 2009[...] In der letzten Woche gab es eine Reihe von Distributed Denial of Servive (DDoS) Attacken auf große Internet Webhoster und Domain Name Provider. Aufgrund dieser Angriffe waren zehntausende von Webseiten betroffen und ihre Dienste gestört. Hier eine Zeitlinie der Ereignisse vergangener Woche zusammengestellt von datacenterknowledge: [...]
Microsoft Extends Windows XP Availability But Ends XP Support and Generates Botnets | Boycott Novell
Posted April 8th, 2009[...] Jokes aside, there is a great deal of turbulence on the Internet based on what we are told and there is evidence too. [...]
Internet Attacks On the Rise | FireBlog | FireHost
Posted June 11th, 2009[...] crash or restart resulting in one to hundreds of websites going down. Most recently, there were 4 major attacks against web hosts. This strategy affected thousands of web hosting companies’ clients, taking [...]
Seems that another one can be added to your list. Yesterday, the larger part of the DNS servers of http://www.register.com and their own website has been down. So far, I haven’t find any news items about it (my site was not found for a short while, register.com was down for 6 hours or more, others have had larger interruptions), but here’s a few twitters that reported it: http://search.twitter.com/search?max_id=2788621361&q=register.com
Christopher Prevost
Posted August 6th, 2009Security is not something that is 100% guaranteed ever. I imagine low cost providers have some degree of protection that their budget can afford, however I recall an ad in a futureshop flyer for a sonicwall hardware-style firewall. Their claim was “100% unhackable” and the folks from Dept of Nat’l Defence here in Canada in the college program I was in just laughed at it. So the moral of this story… no one person/company/hosting site is 100% immune to attacks. I mean how can you deal with sheer volume of requests? Quite simply, you can’t – so you crash and burn.
RESOURCE LINKS:
